Dokumentumok
:

Artificial intelligence, data protection and elections

20-05-2019

The Facebook/Cambridge Analytica case in 2018, revealing alleged misuse of personal data for political advertising, demonstrated how the underlying values of the European data protection rules are essential for democracy. The EU has recently adopted a series of additional initiatives to support free and fair elections, reflected not least in European Parliament (EP) debates and resolutions.

The Facebook/Cambridge Analytica case in 2018, revealing alleged misuse of personal data for political advertising, demonstrated how the underlying values of the European data protection rules are essential for democracy. The EU has recently adopted a series of additional initiatives to support free and fair elections, reflected not least in European Parliament (EP) debates and resolutions.

Dokumentumok
:

Rules for EU institutions' processing of personal data

12-09-2018

In the context of the comprehensive reform of the EU's legal framework for data protection, the Commission tabled a proposal in January 2017 for a 'regulation on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and the free movement of such data' and repealing the existing one (Regulation No 45/2001). The aim is to align it to the 2016 General Data Protection Regulation (GDPR) that has been fully applicable since ...

In the context of the comprehensive reform of the EU's legal framework for data protection, the Commission tabled a proposal in January 2017 for a 'regulation on the protection of individuals with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and the free movement of such data' and repealing the existing one (Regulation No 45/2001). The aim is to align it to the 2016 General Data Protection Regulation (GDPR) that has been fully applicable since 25 May 2018. Interinstitutional trilogue meetings, in which debate focused on also applying the regulation to operational data of EU bodies carrying out law enforcement activities, brought an agreement between the co-legislators in May. The compromise text is due to be voted by the Parliament in the September plenary session. Third edition. The 'EU Legislation in Progress' briefings are updated at key stages throughout the legislative procedure.

Dokumentumok
:

Protection of personal data processed by the Union institutions and bodies

05-09-2018

In view of revising the existing rules in the field and in line with the General Data Protection Regulation (GDPR), the European Commission made a proposal regulating the processing of personal data by the Union institutions, bodies, offices and agencies in 2016. Negotiations with the Council have produced a compromise text, which is expected to be voted on at first reading in the September plenary.

In view of revising the existing rules in the field and in line with the General Data Protection Regulation (GDPR), the European Commission made a proposal regulating the processing of personal data by the Union institutions, bodies, offices and agencies in 2016. Negotiations with the Council have produced a compromise text, which is expected to be voted on at first reading in the September plenary.

Dokumentumok
:

The Privacy Shield: Update on the state of play of the EU-US data transfer rules

26-07-2018

The CJEU’s Schrems judgment of October 2015, besides declaring the European Commission’s Decision on the EU-US ‘Safe Harbour’ data transfer regime invalid, has also settled a number of crucial requirements corresponding to the foundations of EU data protection. In less than one year from the CJEU ruling, the Commission had adopted a new adequacy decision in which the new framework for EU-US data transfer, the Privacy Shield (2016), is deemed to adequately protect EU citizens. The main improvements ...

The CJEU’s Schrems judgment of October 2015, besides declaring the European Commission’s Decision on the EU-US ‘Safe Harbour’ data transfer regime invalid, has also settled a number of crucial requirements corresponding to the foundations of EU data protection. In less than one year from the CJEU ruling, the Commission had adopted a new adequacy decision in which the new framework for EU-US data transfer, the Privacy Shield (2016), is deemed to adequately protect EU citizens. The main improvements of the Privacy Shield (over its predecessor), as well as the critical reactions to the new arrangements, are discussed in this paper. The first joint annual review took place in September 2017 on which both the Commission and Article 29 Working Party issued their own reports. Although progress is recognised, a number of concerns remain and new challenges to the Privacy Shield have arisen, among others, from the Facebook/Cambridge Analytica scandal, as pointed out by the European Parliament in its recent resolution.

Dokumentumok
:

Data protection rules applicable to the European Parliament and to MEPs: Current regime and recent developments

20-06-2018

Data protection is a fundamental right enshrined in both primary and secondary EU law. More specifically, the main reference for data protection in Europe is the 2016 General Data Protection Regulation (GDPR), which is fully applicable since 25 May 2018. Moreover, specific data protection rules (currently Regulation 45/2001) apply to the EU institutions. The latter are under review, to adapt their principles and provisions to the GDPR. The processing of data relating to parliamentary activities is ...

Data protection is a fundamental right enshrined in both primary and secondary EU law. More specifically, the main reference for data protection in Europe is the 2016 General Data Protection Regulation (GDPR), which is fully applicable since 25 May 2018. Moreover, specific data protection rules (currently Regulation 45/2001) apply to the EU institutions. The latter are under review, to adapt their principles and provisions to the GDPR. The processing of data relating to parliamentary activities is therefore covered by these specific rules, as is personal data relating to, or processed by, Members of the European Parliament (MEPs). This Briefing provides an overview of the main provisions applicable to parliamentary activities and in particular to MEPs, taking account of the fact that the process of reforming the current rules has not been formally concluded (even if a political agreement has been reached between the co legislators). An update of this Briefing will be published in due course.

Dokumentumok
:

GDPR goes live: A modern data protection law

15-05-2018

Aimed at strengthening citizens' rights uniformly while reducing burdens for companies and public entities, the European General Data Protection Regulation (GDPR) applies fully as of 25 May 2018. The long-awaited (and often feared) law is part of a reform package adopted in 2016 to foster trust in a digital age. The recent revelations on misuses of data show how the underlying values of the GDPR standards are essential for democracy.

Aimed at strengthening citizens' rights uniformly while reducing burdens for companies and public entities, the European General Data Protection Regulation (GDPR) applies fully as of 25 May 2018. The long-awaited (and often feared) law is part of a reform package adopted in 2016 to foster trust in a digital age. The recent revelations on misuses of data show how the underlying values of the GDPR standards are essential for democracy.

Dokumentumok
:

CJEU Opinion on EU-Canada PNR agreement

05-09-2017

A new agreement on the transfer of passenger name records (PNR) was signed by the EU Council and Canada in 2014, but conclusion of the agreement requires the European Parliament's consent. Consulted by Parliament, the Court of Justice of the EU held in July 2017 that the envisaged agreement needs to be revised.

A new agreement on the transfer of passenger name records (PNR) was signed by the EU Council and Canada in 2014, but conclusion of the agreement requires the European Parliament's consent. Consulted by Parliament, the Court of Justice of the EU held in July 2017 that the envisaged agreement needs to be revised.

Dokumentumok
:

Reform of the e-Privacy Directive

30-08-2017

In January 2017, the Commission tabled a proposal for a regulation on privacy and electronic communications which would replace the current 2002 e-Privacy Directive. The main objectives of the review are: enhancing security and communications confidentiality; defining clearer rules on tracking technologies such as cookies; and achieving greater harmonisation among Member States. Stakeholders are divided on certain issues, including on the basic need for a new measure to protect confidentiality in ...

In January 2017, the Commission tabled a proposal for a regulation on privacy and electronic communications which would replace the current 2002 e-Privacy Directive. The main objectives of the review are: enhancing security and communications confidentiality; defining clearer rules on tracking technologies such as cookies; and achieving greater harmonisation among Member States. Stakeholders are divided on certain issues, including on the basic need for a new measure to protect confidentiality in e-communications. Some national parliaments have made comments on the proposal, and discussions are progressing in Council. In the European Parliament, rapporteur Marju Lauristin (S&D, Estonia) presented a draft report to the Civil Liberties Committee on 21 June 2017, and this is expected to be voted in October 2017.

Dokumentumok
:

Contracts for the supply of digital content and personal data protection

15-05-2017

The proposed directive on the supply of digital content is intended to regulate the main contractual rights and duties of parties to contracts for the supply of digital content and services, and create a harmonised legal framework for digital content to benefit both consumers and businesses. It covers not only contracts where digital content or services are provided in exchange for money, but also those where the consumer provides personal or other data in lieu of money to gain access to digital ...

The proposed directive on the supply of digital content is intended to regulate the main contractual rights and duties of parties to contracts for the supply of digital content and services, and create a harmonised legal framework for digital content to benefit both consumers and businesses. It covers not only contracts where digital content or services are provided in exchange for money, but also those where the consumer provides personal or other data in lieu of money to gain access to digital content or services. The interplay between this proposed private law instrument and the existing public law rules on data protection (notably the recently adopted General Data Protection Regulation) have been the subject of some debate. The European Data Protection Supervisor's recent opinion was critical of the proposal, arguing that, in the EU, personal data 'cannot be conceived as a mere economic asset' and cannot therefore be treated as the consumer's contractual counter-performance in lieu of money. The draft report prepared by the co-rapporteurs in Parliament includes those contracts in which consumers do not pay a price (but potentially provide data) within the scope of the proposal. It eliminates however the notion of personal data as a form of contractual 'counter-performance'. The co-legislators are now facing the challenging task of reconciling the fundamental rights approach with the requirements of economic reality, including the need to grant legal protection to consumers who provide their data in order to access digital content or services.

Dokumentumok
:

Fundamental rights implications of big data

10-03-2017

The development of smart devices connected online and of big data practices, allowing unprecedented availability, sharing and automated use of data, brings both opportunities in terms of efficiency and improvement in our lives and risks for individuals’ fundamental rights. The European Parliament will vote on an own-initiative report on these issues in the second plenary of March 2017.

The development of smart devices connected online and of big data practices, allowing unprecedented availability, sharing and automated use of data, brings both opportunities in terms of efficiency and improvement in our lives and risks for individuals’ fundamental rights. The European Parliament will vote on an own-initiative report on these issues in the second plenary of March 2017.